ACME automation
Multi-CA workflows with live state, DNS-01 automation, and certificate tokens for HAProxy, win-acme, and every RFC 8555 client.
Certificate lifecycle feature →Platform overview
CertLocker helps SRE, DevOps and platform teams issue, renew, deliver, verify and audit certificates first, then extend that governed workflow to secrets, scoped tokens, bastion access, RBAC, and audit evidence.
Each area below links to product detail or a field guide from the engineering team.
Multi-CA workflows with live state, DNS-01 automation, and certificate tokens for HAProxy, win-acme, and every RFC 8555 client.
Certificate lifecycle feature →Scoped certificate tokens so edge systems pull the right PEM, chain, and key — no manual SCP or mystery folders on load balancers.
Certificate delivery feature →Know what production is actually serving — not just what your inventory says. Endpoint probes close the gap between issued and deployed.
System and private secrets alongside certificates — PEM material, credentials, and configs with the same RBAC and audit model.
Secrets management feature →Just-in-time SSH via bastion layers — token-scoped, time-limited, revocable in seconds. Browser terminal included for break-glass.
Groups, roles, and notification channels so the right teams see the right assets. Full audit trail for certificate, secret, and access events.